stackspot

SUSPICIOUS. The skill’s crypto functionality matches its stated purpose, but it gives an AI agent the ability to perform real mainnet wallet actions that can lock or affect funds. There is no clear evidence of credential theft or off-platform exfiltration, yet the autonomous financial-action risk is high enough to treat this as a dangerous skill.